The problem is not when the session ends, but when the user enters again to the
system after his(her) session ended. The applications shows the login template,
the user enter the user name and password and the application (I do not know
how) authenticates the user and let him(her) to enter without running my:
<cfset roles=session.security.login(cflogin.name,cflogin.password)>
Nor my:
<cfloginuser name="#cflogin.name#" Password="#cflogin.password#" roles
=#roles#">
And that is why I end up with a loged in user without my âsession.userInfoâ
variable. I already try loging out the user in the onSessionEnd but it did not
work either.
My solution works but I want to know why is this happening, and why sometimes
its authenticates and sometimes not.
>hi,
>I have a bit of a problem, and I know that happens sometimes when the sessi=
>on expires (and may be have something to do with the application expiration=
>).
>OK this is it:
>Every time I authenticate an user (this is made by an object created in the=
> session scope) I create a struct that contains all the user information. T=
>his struct resides in the session scope and should be available while the s=
>ession is active. When the user logout I delete this struct. Everything wor=
>ks fine, but some times when the session expires and the user re-login, the=
> server do not run the authentication neither the login part of my code. So=
> I ended without my struct and with a logged in user.
>This is my simplified Application.cfc, I do not know what I am missing:
>
>
><cfcomponent displayname ="Application">
>
>
> <!--- Atributes --->
> <cfscript>
> this.loging = true;
> this.name = "APP";
> this.Sessionmanagement = true;
> this.Sessiontimeout = #createtimespan(0,0,1,0)#;
> this.applicationtimeout = #createtimespan(0,1,0,0)#;
> this.loginstorage = "session";
> </cfscript>
>
>
><!--- onApplicationStart --->
><cffunction name ="onApplicationStart">
>
> <cfif this.loging>
> <cflog file ="#This.Name#" type ="Information" text ="Started" />
> </cfif>
>
> <cfscript>
> application.sessions = 0;
> </cfscript>
> </cffunction>
>
> <!--- onApplicationEnd --->
> <cffunction name ="onApplicationEnd">
> <cfargument name ="ApplicationScope" required ="true" />
>
> <cfif this.loging>
> <cflog file ="#this.Name#" type ="Information"
> text ="#ApplicationScope.applicationname# Ended" />
> </cfif>
>
> </cffunction>
>
>
> <!--- onRequestStart --->
> <cffunction name ="onRequestStart">
>
> <cfparam name ="act" default ="0">
>
> <!--- If we want to logout --->
> <cfif act is "logout">
> <cfset clearSession()>
> <cflogout>
> </cfif>
>
>
>
>
> <!--- the user is not login --->
> <cflogin>
> <cfif NOT IsDefined("cflogin")>
> <!--- the action of the login form point to index.cfm --->
> <cfinclude template ="login_form.cfm" />
> <cfabort>
>
> <!--- Validate --->
> <cfelse>
>
> <!--- object that autenticates the user --->
> <!--- this object also creates a session struct
> session.userInfo with aditional user info --->
> <cfset roles=session.security.login(cflogin.name,cflogin.password)>
>
> <!--- If the user has any role --->
> <cfif roles is not "NONE">
> <cfloginuser name="#cflogin.name#"
> Password = "#cflogin.password#"
> roles =#roles#">
>
> <--- the times that I have the error the user is loged in by
> ColdFusion but this test code is not executed --->
> <cfdump var ="#session#">
>
> <!--- This is not a valid user --->
> <cfelse>
> <!--- the action of the login form points to index.cfm --->
> <cfinclude template ="login_form.cfm" />
> <cfabort>
> </cfif>
> </cfif>
> </cflogin>
>
> <!--- here is the problem and this is the solution that I made
> 'but I do not like it' --->
> <!--- sometimes I get here and the struct dose not exist --->
> <cfif NOT isDefined("session.userInfo")>
> <cfset session.security.load_user()>
> </cfif>
>
> <cfset this.start =now()>
>
>
>
> </cffunction>
>
>
> <!--- onRequest --->
> <cffunction name ="onRequest">
> <cfargument name ="targetPage" type ="String" required ="true" />
>
> <!--- This is a minimal example of an onRequest filter. --->
> <cfsavecontent variable ="content">
> <cfinclude template ="#ARGUMENTS.TargetPage#" />
> </cfsavecontent>
>
> <cfoutput>
> #content#
> </cfoutput>
>
> </cffunction>
>
>
> <!--- onSessionStart --->
> <cffunction name ="onSessionStart">
> <cfscript>
> session.started = now();
> clearSession();
> </cfscript>
>
> <!--- Create the security object --->
> <cfobject component ="#application.core#.aspects.Security"
> name ="session.security" type ="component" />
>
> <cflock timeout ="5" throwontimeout ="no"
> type ="exclusive" scope="application">
> <cfset application.sessions = application.sessions + 1 />
> </cflock>
>
> <cfif this.loging>
> <cflog file ="#this.Name#" type ="Information"
> text ="Session: #Session.sessionid# started" />
> </cfif>
> </cffunction>
>
>
> <!--- onSessionEnd --->
> <cffunction name ="onSessionEnd">
> <cfargument name = "SessionScope" required ="true" />
>
> <cfif this.loging>
> <cflog file ="#this.Name#" type ="Information"
> text ="Session: #arguments.SessionScope.sessionid# ended" />
> </cfif>
> </cffunction>
>
>
>
> <!--- ---------------------------------------------------------
> PRIVATE FUNCTIONS
> ---------------------------------------------------------- --->
>
> <!--- Clear Session --->
> <cffunction name ="clearSession" access ="private" output ="no">
> <cfscript>
> session.lang = "ENG";
> StructDelete(session,"userInfo");
> </cfscript>
> </cffunction>
>
></cfcomponent>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
ColdFusion is delivering applications solutions at at top companies
around the world in government. Find out how and where now
http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:292085
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe:
http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
